If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

I backed up and updated all servers over weekend. Today I spent most of the day patching workstations. Also patched some industrial measuring equipment still running Windows XP with the out of band issued XP patch. So far all the places I run are unaffected.

Hopefully the malware attack will (re?)start a discussion on what type of vulnerabilities should be patched ASAP and which ones are 'safe to stockpile' by state agencies using it to perform espionage...

There is a US bill in committee that would require national security agencies to reveal exploits to the appropriate company. While the agencies may drag their feet some before disclosing the vulnerabilities (assuming the bill passes into law), it would allow for safer overall computing in the future.

There is still another problem though, people disabling patching. The patch that fixes WannaCrypt was released in March. The outbreak would not have been as bad if patching was enabled and run on the recommended scheduled. Except places like China and Russia where pirated copies of Windows are apparently pretty common, and patching is blocked.

There is a US bill in committee that would require national security agencies to reveal exploits to the appropriate company. While the agencies may drag their feet some before disclosing the vulnerabilities (assuming the bill passes into law), it would allow for safer overall computing in the future.

There is still another problem though, people disabling patching. The patch that fixes WannaCrypt was released in March. The outbreak would not have been as bad if patching was enabled and run on the recommended scheduled. Except places like China and Russia where pirated copies of Windows are apparently pretty common, and patching is blocked.